BackBox News
Latest news and insights on Security
Company Blogs
Hacking Tools
- SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits
- PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit
- Secator - The Pentester'S Swiss Knife
- Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking
- File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add
- Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests
- Imperius - Make An Linux Kernel Rootkit Visible Again
- BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook
- Psobf - PowerShell Obfuscator
- ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again
Exploit DB
- [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
- [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
- [webapps] openSIS 9.1 - SQLi (Authenticated)
- [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
- [dos] Windows TCP/IP - RCE Checker and Denial of Service
- [webapps] Gitea 1.22.0 - Stored XSS
- [webapps] Invesalius3 - Remote Code Execution
- [webapps] NoteMark < 0.13.0 - Stored XSS
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
- [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
Hacker claims to have stolen Dell customer data – here’s how to protect yourself
/in General NewsA hacker told TechCrunch he exploited flaws in two data breaches, giving him access to Dell customer names, phone numbers, email addresses, and physical addresses.
Latest stories for ZDNET in Security – Read More
MITRE EMB3D Improves Security for Embedded Devices
/in General NewsThe EMB3D model provides a common understanding of cyber threats to embedded devices and the security mechanisms needed to mitigate them. It is based on observations of threat actor activities, security research, and device vulnerability reports.
Cyware News – Latest Cyber News – Read More
Top 5 Most Dangerous Cyber Threats in 2024
/in General NewsSANS Institute experts weigh in on the top threat vectors faced by enterprises and the public at large.
darkreading – Read More
Vermont Legislature Passes One of the Strongest Data Privacy Measures in the Country
/in General NewsVermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information.
The post Vermont Legislature Passes One of the Strongest Data Privacy Measures in the Country appeared first on SecurityWeek.
SecurityWeek – Read More
Singapore Cybersecurity Update Puts Cloud Providers on Notice
/in General NewsThe nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
darkreading – Read More
Microsoft Windows DWM Zero-Day Poised for Mass Exploit
/in General NewsCVE-2024-30051, under active exploit, is the most concerning out of this month’s Patch Tuesday offerings, and already being abused by several QakBot actors.
darkreading – Read More
Unprotected Session Tokens Can Undermine FIDO2 Security
/in General NewsWhile the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says.
darkreading – Read More
Lawmakers’ Section 230 ultimatum to Big Tech: Work together to make the internet safer, or else
/in General NewsA bipartisan bill seeks to end the Section 230 liability shield for tech companies. Here’s a timeline of what happens next.
Latest stories for ZDNET in Security – Read More
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs
/in General NewsScattered Spider is as active as ever, despite authorities claiming that they’re close to nailing its members.
darkreading – Read More
A Cost-Effective Encryption Strategy Starts With Key Management
/in General NewsKey management is more complex than ever. Your choices are: Rely on your cloud provider or manage keys locally; Encrypt only the most critical data; Or encrypt everything.
darkreading – Read More